From a5d854afbc7ecc0de934040f2b6a22be55b078fe Mon Sep 17 00:00:00 2001
From: =?utf8?q?Matthias=20Dieter=20Walln=C3=B6fer?= <mwallnoefer@yahoo.de>
Date: Fri, 27 Nov 2009 14:48:58 +0100
Subject: [PATCH] s4:provision - Fix up the provision of "standalone" and
 "member" mode

Both modes weren't possible anymore since 1.) the secrets entry wasn't created,
2.) a lookup in winbindd was done using "lp_workgroup()" rather than
"lp_sam_name()" (since on the mentioned two configurations we use the netbios
name as domainname - and not the workgroup).
---
 source4/scripting/python/samba/provision.py | 20 +++++++++++---------
 source4/winbind/wb_setup_domains.c          |  2 +-
 2 files changed, 12 insertions(+), 10 deletions(-)

diff --git a/source4/scripting/python/samba/provision.py b/source4/scripting/python/samba/provision.py
index 32286dceb3e..5bac6e64a5d 100644
--- a/source4/scripting/python/samba/provision.py
+++ b/source4/scripting/python/samba/provision.py
@@ -1266,16 +1266,16 @@ def provision(setup_dir, message, session_info,
         message("Setting up sam.ldb rootDSE marking as synchronized")
         setup_modify_ldif(samdb, setup_path("provision_rootdse_modify.ldif"))
 
-        # Only make a zone file on the first DC, it should be replicated with DNS replication
-        if serverrole == "domain controller":
-            secretsdb_self_join(secrets_ldb, domain=names.domain,
-                                realm=names.realm,
-                                dnsdomain=names.dnsdomain,
-                                netbiosname=names.netbiosname,
-                                domainsid=domainsid, 
-                                machinepass=machinepass,
-                                secure_channel_type=SEC_CHAN_BDC)
 
+        secretsdb_self_join(secrets_ldb, domain=names.domain,
+                             realm=names.realm,
+                             dnsdomain=names.dnsdomain,
+                             netbiosname=names.netbiosname,
+                             domainsid=domainsid, 
+                             machinepass=machinepass,
+                             secure_channel_type=SEC_CHAN_BDC)
+
+        if serverrole == "domain controller":
             secretsdb_setup_dns(secrets_ldb, setup_path, 
                                 realm=names.realm, dnsdomain=names.dnsdomain,
                                 dns_keytab_path=paths.dns_keytab,
@@ -1284,6 +1284,8 @@ def provision(setup_dir, message, session_info,
             domainguid = samdb.searchone(basedn=domaindn, attribute="objectGUID")
             assert isinstance(domainguid, str)
 
+            # Only make a zone file on the first DC, it should be replicated
+            # with DNS replication
             create_zone_file(paths.dns, setup_path, dnsdomain=names.dnsdomain,
                              hostip=hostip,
                              hostip6=hostip6, hostname=names.hostname,
diff --git a/source4/winbind/wb_setup_domains.c b/source4/winbind/wb_setup_domains.c
index 4791495e7f3..6b4fd891c5e 100644
--- a/source4/winbind/wb_setup_domains.c
+++ b/source4/winbind/wb_setup_domains.c
@@ -30,7 +30,7 @@ NTSTATUS wbsrv_setup_domains(struct wbsrv_service *service)
 	primary_sid = secrets_get_domain_sid(service,
 					     service->task->event_ctx,
 					     service->task->lp_ctx,
-					     lp_workgroup(service->task->lp_ctx));
+					     lp_sam_name(service->task->lp_ctx));
 	if (!primary_sid) {
 		return NT_STATUS_CANT_ACCESS_DOMAIN_INFO;
 	}
-- 
2.11.4.GIT